SAP NetWeaver Application Server ABAP KRNL64NUC 7.49

CPE Details

SAP NetWeaver Application Server ABAP KRNL64NUC 7.49
sap
netweaver_application_server_abap
krnl64nuc_7.49
2021-06-14
12h59 +00:00
2022-10-06
13h20 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:sap:netweaver_application_server_abap:krnl64nuc_7.49:*:*:*:*:*:*:*

Informations

Vendor

sap

Product

netweaver_application_server_abap

Version

krnl64nuc_7.49

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-22536 2022-02-09 22h05 +00:00 SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
10
Critical
CVE-2021-33665 2021-06-09 11h33 +00:00 SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML), versions - KRNL64NUC - 7.49, KRNL64UC - 7.49,7.53, KERNEL - 7.49,7.53,7.77,7.81,7.84, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
5.4
Medium
CVE-2021-33663 2021-06-09 11h33 +00:00 SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83,7.84, allows an unauthorized attacker to insert cleartext commands due to improper restriction of I/O buffering into encrypted SMTP sessions over the network which can partially impact the integrity of the application.
5.3
Medium